Changeset 136173 in webkit


Ignore:
Timestamp:
Nov 29, 2012 3:17:24 PM (11 years ago)
Author:
zhajiang@rim.com
Message:

[BlackBerry] window.open can load url twice which can cause security and timing issues
https://bugs.webkit.org/show_bug.cgi?id=103670

Patch by Jacky Jiang <zhajiang@rim.com>.
Reviewed by Yong Li.

PR: 252234
When we call window.open() in JS, DOMWindow will create a window and
change the url to load the resources. However, during the window
creation, we dispatch an OpenWindow event with the url to browser side
and browser side loads the url thereafter as well.
DOMWindow::createWindow() is only required to create the window not to
load url as far as I can tell. This is unneccessary and can cause
unexpected issues. So just pass an empty url instead to avoid
the double-load issue.

  • WebCoreSupport/ChromeClientBlackBerry.cpp:

(WebCore::ChromeClientBlackBerry::createWindow):

Location:
trunk/Source/WebKit/blackberry
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/WebKit/blackberry/ChangeLog

    r136162 r136173  
     12012-11-29  Jacky Jiang  <zhajiang@rim.com>
     2
     3        [BlackBerry] window.open can load url twice which can cause security and timing issues
     4        https://bugs.webkit.org/show_bug.cgi?id=103670
     5
     6        Reviewed by Yong Li.
     7
     8        PR: 252234
     9        When we call window.open() in JS, DOMWindow will create a window and
     10        change the url to load the resources. However, during the window
     11        creation, we dispatch an OpenWindow event with the url to browser side
     12        and browser side loads the url thereafter as well.
     13        DOMWindow::createWindow() is only required to create the window not to
     14        load url as far as I can tell. This is unneccessary and can cause
     15        unexpected issues. So just pass an empty url instead to avoid
     16        the double-load issue.
     17
     18        * WebCoreSupport/ChromeClientBlackBerry.cpp:
     19        (WebCore::ChromeClientBlackBerry::createWindow):
     20
    1212012-11-29  Otto Derek Cheung  <otcheung@rim.com>
    222

  • trunk/Source/WebKit/blackberry/WebCoreSupport/ChromeClientBlackBerry.cpp

    r135900 r136173  
    258258        flags |= WebPageClient::FlagWindowIsDialog;
    259259
    260     WebPage* webPage = m_webPagePrivate->m_client->createWindow(x, y, width, height, flags, url.string(), request.frameName());
     260    WebPage* webPage = m_webPagePrivate->m_client->createWindow(x, y, width, height, flags, BlackBerry::Platform::String::emptyString(), request.frameName());
    261261    if (!webPage)
    262262        return 0;
Note: See TracChangeset for help on using the changeset viewer.